PDA

View Full Version : backdoor.bot won't go away



marthab
2010-01-24, 03:58
backdoor.bot has infected my comp - can not seem to get rid of it. Spybot has detected, McAfee does not. Have run malwarebytes several times. Quick scan shows entries in registry keys etc but Full scan showed two entries in Memory processors. Always appears to quarantine all entries but keeps coming back... Pesty stuff: Google keeps redirecting, sound comes through speakers (ads. etc) I also keep getting DCOM server process reboot. Used Symantec tool to remove worm associated with the problem and the computer always comes out clean.
Read that my computer security could be compromised - please advise how I can ge rid of this. Can post mbam logs...
Help - self employed - this is my work computer.

Blade81
2010-01-29, 18:07
Hi,

Download DDS and save it to your desktop from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.


Download GMER (http://www.gmer.net) here by clicking download exe -button and then saving it your desktop:
Double-click .exe that you downloaded
Click rootkit-tab and then scan.
Don't check
Show All
box while scanning in progress!
When scanning is ready, click Copy.
This copies log to clipboard
Post log (if the log is long, archive it into a zip file and attach instead of posting) in your reply.


Post also MBAM report if handy :)

Blade81
2010-02-05, 20:48
Due to inactivity, this thread will now be closed.

Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.